Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231322e302f32342d3234203d3e203631333137.roa
File: 34352e39352e3231322e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: 39imESlGL3iZonTWKrf/C02F4/7PFU2SnhSUp3quod4=
Subject key identifier: AE:06:30:CC:F5:7C:B1:D9:6D:D9:4E:BB:A7:C5:EB:0E:60:72:7D:3C
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 6374E170695EE15106AF3DCFF76DD0C5802FB0DB
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231322e302f32342d3234203d3e203631333137.roa
Signing time: Thu 19 Oct 2023 18:42:27 +0000
ROA not before: Thu 19 Oct 2023 18:37:27 +0000
ROA not after: Thu 17 Oct 2024 18:42:27 +0000
asID: 61317
IP address blocks: 45.95.212.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:74:e1:70:69:5e:e1:51:06:af:3d:cf:f7:6d:d0:c5:80:2f:b0:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Oct 19 18:37:27 2023 GMT
Not After : Oct 17 18:42:27 2024 GMT
Subject: CN=AE0630CCF57CB1D96DD94EBBA7C5EB0E60727D3C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:0b:51:f6:59:91:de:35:f6:9d:3e:a3:56:c4:
59:34:51:2e:e1:03:47:a2:e0:08:ca:44:f9:23:62:
9c:d6:a8:5b:23:ac:2e:d4:14:eb:6a:54:5a:cd:b7:
cc:c6:d2:e2:e5:fd:f0:6f:ed:6d:41:98:0f:0d:d5:
e0:56:e0:3b:b8:cd:d3:45:5f:33:79:dc:4b:17:fa:
cd:9e:3a:08:c7:44:4c:97:8e:eb:ad:ee:3c:0e:35:
46:73:96:c5:0f:17:f4:ac:f5:61:8d:89:7d:4c:a5:
04:ec:8d:03:ba:ec:4b:55:46:98:06:a8:12:8d:ef:
b0:01:a3:b0:71:d8:09:10:f3:e7:67:2c:55:8d:fc:
24:ee:de:96:37:a5:0e:bb:ce:10:bd:f0:51:98:ce:
2f:21:2e:6a:8b:7e:6d:ec:03:c2:c7:16:49:a7:2a:
2a:59:0a:c9:d2:4e:e3:2a:c9:d4:96:a6:83:f7:41:
36:b9:3b:95:60:f1:f4:46:1f:03:bc:4f:57:8a:1f:
0a:2d:d7:26:18:15:f4:ff:d9:04:b7:86:82:23:81:
86:e6:3f:4b:4f:87:f1:71:65:76:4a:02:d7:9a:79:
bb:e6:da:d1:b2:c2:44:e1:15:79:c3:9b:4c:3e:11:
2d:82:cd:cc:c5:84:2f:c2:f3:72:78:2a:ec:9c:87:
1b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:06:30:CC:F5:7C:B1:D9:6D:D9:4E:BB:A7:C5:EB:0E:60:72:7D:3C
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231322e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.212.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:f4:1c:70:2c:bc:41:14:9a:52:60:0b:2b:db:5e:5a:9c:e1:
0d:bb:fd:c0:c6:62:b1:1d:cd:6f:28:04:ef:7a:56:a0:87:af:
da:f9:31:d2:1b:05:02:d5:c8:56:1a:94:52:d9:c5:01:eb:be:
37:7b:26:e6:dc:60:37:29:fd:22:dd:fb:81:5b:2b:14:e1:f8:
6b:d8:35:69:40:49:0e:02:25:e0:c9:ff:fb:6a:f2:60:f5:de:
f1:48:89:3b:40:b3:ee:26:87:42:64:4f:94:65:32:6e:be:55:
4c:fc:09:05:ad:23:e8:e9:97:19:eb:3c:3e:7f:43:16:50:7d:
ff:90:f9:75:d4:3d:b5:40:e5:1e:69:92:bd:f5:92:c8:aa:8f:
88:18:e4:9d:5e:b8:ed:46:65:96:f2:16:2d:87:38:e8:b0:3c:
81:44:5c:e8:fb:42:7b:27:db:ad:dc:0e:ec:3e:0f:11:7d:d1:
e9:1c:2e:1e:4b:de:9e:59:ba:9b:4f:62:f4:0e:92:f2:49:aa:
a7:3f:66:ea:74:74:1b:e1:24:ab:23:a3:36:af:34:6d:fc:41:
a5:0c:a2:08:c1:d7:01:81:3b:7d:2f:de:18:9e:cd:38:64:34:
d0:a3:fe:d2:54:62:d1:34:e6:03:4a:55:79:83:11:a9:ae:73:
12:cb:c5:3a
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUY3ThcGle4VEGrz3P923QxYAvsNswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzEwMTkxODM3MjdaFw0yNDEwMTcxODQyMjdaMDMxMTAvBgNV
BAMTKEFFMDYzMENDRjU3Q0IxRDk2REQ5NEVCQkE3QzVFQjBFNjA3MjdEM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxC1H2WZHeNfadPqNWxFk0US7h
A0ei4AjKRPkjYpzWqFsjrC7UFOtqVFrNt8zG0uLl/fBv7W1BmA8N1eBW4Du4zdNF
XzN53EsX+s2eOgjHREyXjuut7jwONUZzlsUPF/Ss9WGNiX1MpQTsjQO67EtVRpgG
qBKN77ABo7Bx2AkQ8+dnLFWN/CTu3pY3pQ67zhC98FGYzi8hLmqLfm3sA8LHFkmn
KipZCsnSTuMqydSWpoP3QTa5O5Vg8fRGHwO8T1eKHwot1yYYFfT/2QS3hoIjgYbm
P0tPh/FxZXZKAteaebvm2tGywkThFXnDm0w+ES2CzczFhC/C83J4KuychxuHAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUrgYwzPV8sdlt2U67p8XrDmByfTwwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzkzNTJlMzIzMTMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMTMzMzEzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1f
1DANBgkqhkiG9w0BAQsFAAOCAQEAf/QccCy8QRSaUmALK9teWpzhDbv9wMZisR3N
bygE73pWoIev2vkx0hsFAtXIVhqUUtnFAeu+N3sm5txgNyn9It37gVsrFOH4a9g1
aUBJDgIl4Mn/+2ryYPXe8UiJO0Cz7iaHQmRPlGUybr5VTPwJBa0j6OmXGes8Pn9D
FlB9/5D5ddQ9tUDlHmmSvfWSyKqPiBjknV647UZllvIWLYc46LA8gURc6PtCeyfb
rdwO7D4PEX3R6RwuHkvenlm6m09i9A6S8kmqpz9m6nR0G+EkqyOjNq80bfxBpQyi
CMHXAYE7fS/eGJ7NOGQ00KP+0lRi0TTmA0pVeYMRqa5zEsvFOg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:30:29 2025 by rpki-client